/*
* JBoss, Home of Professional Open Source
* Copyright 2006, JBoss Inc., and individual contributors as indicated
* by the @authors tag. See the copyright.txt in the distribution for a
* full listing of individual contributors.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package si.ibloc.cms.logic.impl;

import java.util.Set;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;

import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.security.Identity;
import si.ibloc.cms.model.Role;
import si.ibloc.cms.model.User;

/**
 * @author <a href="mailto:ales.justin@jboss.com">Ales Justin</a>
 */
@Name("authenticator")
public class Authenticator {
   @In EntityManager entityManager;
   @In Identity identity;
   @Out(required = false, scope = ScopeType.SESSION) private User user;

   public boolean authenticate() {
      try {
         user = (User)entityManager.createQuery(
               "from User where username = :username and password = :password")
               .setParameter("username", identity.getUsername())
               .setParameter("password", identity.getPassword())
               .getSingleResult();

         Set<Role> roles = user.getRoles();
         if (roles != null) {
            for (Role role : roles) {
               identity.addRole(role.getName());
            }
         }
         return true;
      } catch (NoResultException ex) {
         FacesMessages.instance().add("Invalid username/password.");
         return false;
      }
   }
}